Limit Device Traffic on an Airwall Gateway with Port Filtering

You can use Airwall Gateway port filtering to limit what traffic can pass over an Overlay based on TCP/UDP ports. With port filtering enabled, all communication from remote to local devices is disabled, and you create custom rules that tell the local Airwall Gateway which incoming connections to local devices to allow.

Note: When removing a port filtering rule that allows connections, any ongoing connections at the time the rule is deleted are not blocked. Rules are checked when a new connection is attempted.
Note: To establish communication between local and remote devices, you must also set up device trust on the overlay (see Add and remove device trust), in addition to specifying custom port filtering rules.

Remote Device communication

Remote devices are devices that are behind different Airwall Gateways and are reachable in the overlay network. Remote devices send connection requests to local devices and typically use random port numbers for their connection attempts, so you usually leave the remote device port range blank.

Local Device communication

Local devices are devices that are connected locally to the Airwall Gateway you are configuring. Local devices receive incoming connections from remote devices. Most local device services listen on a specific port or ports, which you typically specify as part of the custom rule.

TCP or UDP protocol

You can specify TCP or UDP as the underlying communication protocol used by devices. If you are using a different IP protocol, select IP (any) from the Protocol list, which allows devices to use any IP protocol.
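
The following added example is a simplified Python model of the behavior described above (default deny, blank remote port range, rules checked only for new connections); it is not Airwall code. The class names, device names (hmi-1, plc-1), and port numbers are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

PortRange = Optional[Tuple[int, int]]  # None models a blank range: any port


@dataclass(frozen=True)
class Rule:
    """One allow rule for traffic from a remote device to a local device."""
    remote_device: str
    local_device: str
    protocol: str                   # "tcp", "udp" or "any" (IP (any))
    local_ports: PortRange = None
    remote_ports: PortRange = None  # usually blank: clients use random ports

    def matches(self, remote, local, proto, sport, dport):
        def in_range(port, rng):
            return rng is None or rng[0] <= port <= rng[1]
        return (self.remote_device == remote and self.local_device == local
                and self.protocol in ("any", proto)
                and in_range(sport, self.remote_ports)
                and in_range(dport, self.local_ports))


class PortFilter:
    """Default deny for remote-to-local traffic; rules add exceptions."""

    def __init__(self):
        self.rules = []
        self.established = set()    # connections admitted earlier

    def packet(self, remote, local, proto, sport, dport):
        conn = (remote, local, proto, sport, dport)
        if conn in self.established:    # ongoing: rules are not re-checked
            return True
        if any(r.matches(*conn) for r in self.rules):
            self.established.add(conn)  # new connection admitted by a rule
            return True
        return False


def demo():
    pf = PortFilter()
    https = Rule("hmi-1", "plc-1", "tcp", local_ports=(443, 443))
    pf.rules.append(https)
    first = pf.packet("hmi-1", "plc-1", "tcp", 51514, 443)    # rule matches
    ssh = pf.packet("hmi-1", "plc-1", "tcp", 51515, 22)       # no rule
    pf.rules.remove(https)                                    # delete the rule
    ongoing = pf.packet("hmi-1", "plc-1", "tcp", 51514, 443)  # still flows
    fresh = pf.packet("hmi-1", "plc-1", "tcp", 51516, 443)    # new attempt
    return first, ssh, ongoing, fresh
```

Because an ongoing connection survives rule deletion in this model, as in the note above, cutting off access immediately takes more than deleting the rule: the existing sessions also have to end.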

What happens to Port Filtering Rules when you delete devices?

When you delete local devices from an Airwall Gateway or delete remote devices from remote Airwall Gateways, the port filtering rules associated with the devices are deleted. If you remove an Airwall Gateway from the overlay network, the rules associated with the Airwall Gateway are labeled not reachable.